August 31, 2023
The growing popularity of cryptocurrency worldwide has drawn the attention of malefactors, increasing the number and variety of potential cyberattacks. It is important for a crypto wallet user to have at least a basic understanding of the threats and of ways to prevent them.
The team at Atomic Wallet is deeply committed to implementing significant measures to diminish the possibility of such breaches, thus safeguarding the security and maintaining the integrity of our users' assets and transactions.
In this article, we’ll delve into how Atomic Wallet safeguards against various threats, including viruses/keyloggers, malware code injection, Man in the Middle attacks, DDoS attacks, and domain hijacking.
Before diving into the details of Atomic Wallet's security arrangements, let us first look at what kinds of wallets and services exist to get a better idea of how security is managed in the industry.
There are two main types of crypto wallets depending on which party holds the private keys: custodial wallets & non-custodial wallets.
Custodial wallets function similarly to banks. They keep your funds and require you to set up an account, which will often include providing your personal information. Custodial wallets are also subject to financial regulators and will often have KYC and AML procedures in place. They are mostly used by centralized exchanges.
Custodial wallets are overall a more convenient option for a user, since they usually have lower fees, are easy to use, and can restore a user's account if the password is lost. On the flip side, the custodian has access to all of your funds and can freeze your account, preventing you from making transactions. This can happen if the platform suspects you of fraudulent activity, or even for political reasons.
Non-custodial wallets give users full control and responsibility over their funds. In these wallets, the keys are generated, stored, and encrypted locally on the user’s device. There are two main types of non-custodial wallets: software and hardware wallets. The key difference is that a hardware wallet is a completely separate physical device that stores your keys, whereas software wallets are installed on a desktop or a mobile device and store your keys there. Hardware wallets are considered to be safer, but software wallets are easier to use.
Non-custodial wallets are anonymous, and you don’t need to provide any information to set up a wallet. With these wallets, no one has access to your funds but you. No one can freeze your account or prevent you from transferring your funds, but equally no one can recover your funds if you lose access to them. It is your responsibility to keep your funds safe.
Atomic Wallet is a non-custodial software wallet. This means that your private keys are generated on your local device and never leave it. Your funds are safe on the blockchain, and as a software development company, Atomic has no access to your funds.
The funds stored on the blockchain are accessible via any other similar wallet app using the 12-word backup or the private keys. This is why you need to keep your private keys safe.
The most common ways to compromise crypto wallets involve viruses/keyloggers, malware code injection, Man in the Middle attacks, DDoS attacks, and domain hijacking.
Now let’s take a closer look at different security threats that crypto wallets have to battle and examine how Atomic Wallet deals with these threats.
Viruses, and keyloggers in particular, pose a significant threat to crypto wallets.
Keyloggers represent a category of malicious software that records keystrokes, focusing on capturing sensitive information such as passwords or private keys.
A keylogger is believed to be the culprit behind the LocalBitcoins hack back in 2015.
Atomic’s response to keylogger threat
Within cryptocurrency wallets, the term 'malware code injection' is typically used to denote the illicit insertion of harmful code into the wallet's software or related web pages. This injected code can potentially facilitate malefactors in commandeering the wallet, illicitly acquiring private keys or confidential data, or even surreptitiously manipulating transactions to divert funds into their personal accounts.
To protect itself from malware code injection, Atomic Wallet takes several measures:
A separate security team thoroughly examines the build process, ensuring no signs of malware code injection or other security vulnerabilities. This additional scrutiny layer helps identify and address any potential risks before the software reaches end-users.
By ensuring that all third-party libraries used in the wallet are from trusted sources and regularly updating them with the latest security patches, Atomic Wallet mitigates the risk of malware code injection through compromised or vulnerable libraries.
Regular security audits comprehensively review the wallet's codebase, architecture, and security practices. Subjecting the wallet to external scrutiny helps identify weaknesses or areas for improvement to enhance its overall security stance and protect against malware code injection and other security threats.
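The library-vetting measure described above can be enforced mechanically by pinning each dependency's source and hash and failing the build when either one does not match. The following is an added illustration, not Atomic Wallet's code; the lock-entry layout, host names, package names and sample bytes are all constructed for the example.

```python
import base64
import hashlib
from urllib.parse import urlparse

TRUSTED_HOSTS = {"registry.example.org"}  # assumption: the approved registry
STRONG_ALGOS = {"sha256", "sha384", "sha512"}


def sri(data: bytes, algo: str = "sha512") -> str:
    """Return an SRI-style pin: '<algo>-<base64 digest>'."""
    digest = hashlib.new(algo, data).digest()
    return f"{algo}-{base64.b64encode(digest).decode()}"


def check_entry(entry: dict, artifact) -> list:
    """Return the problems found for one pinned dependency ([] means OK)."""
    problems = []
    url = urlparse(entry["resolved"])
    if url.scheme != "https" or url.hostname not in TRUSTED_HOSTS:
        problems.append("untrusted source")
    algo = entry["integrity"].partition("-")[0]
    if algo not in STRONG_ALGOS:
        problems.append("weak or missing hash")
    elif artifact is None:
        problems.append("artifact missing")
    elif sri(artifact, algo) != entry["integrity"]:
        problems.append("hash mismatch")
    return problems


def audit(lock: list, artifacts: dict) -> dict:
    """Check every lock entry; return {name: problems} for failures only."""
    results = {e["name"]: check_entry(e, artifacts.get(e["name"])) for e in lock}
    return {name: p for name, p in results.items() if p}


# Constructed sample: libB's bytes changed after pinning, libC is badly pinned.
BASE = "https://registry.example.org/"
LOCK = [
    {"name": "libA", "resolved": BASE + "libA-1.0.0.tgz", "integrity": sri(b"libA v1")},
    {"name": "libB", "resolved": BASE + "libB-2.1.0.tgz", "integrity": sri(b"libB v2")},
    {"name": "libC", "resolved": "http://mirror.example.net/libC.tgz", "integrity": "md5-AAAA"},
]
ARTIFACTS = {"libA": b"libA v1", "libB": b"libB v2 + injected code", "libC": b"libC"}

if __name__ == "__main__":
    for name, problems in audit(LOCK, ARTIFACTS).items():
        print(f"FAIL {name}: {', '.join(problems)}")
```

A build pipeline would treat any non-empty report as a hard failure rather than a warning.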
Ransomware attacks attempt to encrypt or seize control of a user's device and demand a ransom to restore access. They can be extremely harmful: as an example, 725 BTC were sent to attackers of the infamous Conti ring.
Ransomware prevention mechanisms
DNS hijacking can redirect users to fake wallet websites, where they may unknowingly enter their sensitive information, enabling the attackers to steal their funds. One of the most infamous examples of DNS hijacking is the MyEtherWallet DNS hack.
Ways to prevent DNS hijacking
Cloudflare DNS is widely recognized as one of the most secure DNS services available. By leveraging Cloudflare DNS, Atomic Wallet strengthens the security of its domain and prevents potential tampering or exploitation of the domain records.
MarkMonitor is a trusted service used by some of the most visited websites globally, including YouTube and Amazon. This helps ensure the reliability and security of the wallet's domain, minimizing the risk of unauthorized access or tampering.
DDoS attacks overwhelm a server with a flood of traffic to disrupt its normal functioning. For example, in 2021, the UK crypto exchange EXMO went offline for almost 5 hours due to a DDoS attack.
Atomic Wallet employs several measures to protect itself against DDoS attacks:
Load balancers distribute incoming network traffic across multiple servers to ensure optimal resource allocation and prevent any single server from being overwhelmed. By distributing the load evenly, load balancers help maintain a stable and uninterrupted service even during high-traffic periods or when facing DDoS attacks. They can dynamically scale resources, redirect traffic, and filter out potentially malicious requests, effectively mitigating the impact of DDoS attacks.
Traffic filtering systems and firewalls monitor incoming traffic, analyze patterns, and distinguish between legitimate and malicious requests. They are designed to detect and block suspicious traffic, such as that generated by DDoS attacks, ensuring that only legitimate users can access the wallet services. They are regularly updated with the latest threat intelligence to enhance their effectiveness in detecting and mitigating emerging DDoS attack vectors.
By caching frequently accessed data and serving it from cache, rather than fetching it directly from the database or backend services, the load on the infrastructure is reduced. This helps to mitigate the impact of DDoS attacks by minimizing the strain on resources and ensuring smooth operation even under high traffic conditions. The caching system also allows for faster response times, enhancing the overall user experience while deterring potential attackers from causing disruptions.
Man in the Middle (MITM) attacks involve intercepting and potentially altering communication between two parties without their knowledge to compromise the system from within. You can learn more about how North Korean hackers utilized this method of attack to steal $620m from Axie Infinity via a fake job offer.
One of the key methods Atomic Wallet employs for protection against MITM attacks is ensuring that critical information, such as wallet updates, is located in the so-called Demilitarized Zone (DMZ).
A DMZ is a perimeter network that provides an additional layer of security to a company's internal local-area network, safeguarding it from potentially harmful external traffic. This approach makes it more difficult for potential attackers to gain unauthorized access.
It is worth noting that while Atomic Wallet takes proactive measures to protect against a multitude of different attacks, it is still a non-custodial wallet, and users should follow some basic security rules:
Atomic Wallet is dedicated to providing users with a robust non-custodial platform for managing digital assets.
Through continuous efforts to enhance security, including regular security audits, careful management of third-party libraries, and verification of builds, Atomic Wallet maintains a robust infrastructure that protects against various security vulnerabilities and potential data breaches.